Replication: problems with synctest

Jorey Bump list at
Wed Nov 14 21:56:16 EST 2007

Rich Wales wrote, at 11/14/2007 06:13 PM:
> It looks like my problem with replication not working in one direction
> was a SASL thing.  One of my servers was advertising GSSAPI as an
> authentication mechanism, but it didn't really work (I don't have
> Kerberos installed on my systems).  Apparently, sync_client on the
> other box was deciding to use GSSAPI, but was giving up because it
> wasn't actually functional.
> I fixed the problem by moving the libgss* libraries out of the SASL2
> library directory.
> While I was at it, I also moved the libntlm* and libotp* libraries
> out of the SASL2 library directory, since I'm not using either of
> these authentication methods either.
> I'm mildly concerned that a future software upgrade might cause these
> libraries to reappear.  Is there a more reliable way to disable SASL
> authentication mechanisms, other than removing files from the library
> directory?

I don't use replication, but for normal authentication, I'm able to 
specify which mechanisms are advertised by including this in imapd.conf:

  sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5

Maybe this (or some variation) will also work for replication, and you 
can leave the libraries in place.

More information about the Info-cyrus mailing list